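---
# Docker Compose stack: lldap plus its PostgreSQL database.
# This file is a Jinja2 template (see the keepass lookup below), so the
# rendered file contains the database password in cleartext.
# NOTE(review): write the rendered file with owner-only permissions
# (e.g. mode "0600") and keep it out of version control.
services:
  lldap:
    # NOTE(review): tags are mutable; pin by digest
    # (image@sha256:<digest-placeholder>) if reproducible pulls matter.
    image: lldap/lldap:v0.6.0
    container_name: lldap
    restart: unless-stopped
    pull_policy: missing
    # Start lldap only once Postgres passes its healthcheck, so the first
    # connection attempt does not race the database start-up.
    depends_on:
      lldap-db17:
        condition: service_healthy
    ports:
      # NOTE(review): presumably lldap's plain (non-TLS) LDAP listener; verify
      # in lldap_config.toml. Published like this it listens on every host
      # interface, so bind credentials cross the network unencrypted.
      # Containers on the traefik/postfix/internal networks can reach
      # lldap:3890 without a published port. If only local clients need it,
      # consider "127.0.0.1:3890:3890" or dropping the mapping.
      - "3890:3890"
      # Web front-end; meant to be served through traefik.
      # Comment this mapping out once the traefik route is finished. Until
      # then the admin UI is reachable over plain HTTP on the host.
      - "17170:17170"
    volumes:
      - "lldap_data:/data"
      # NOTE(review): lldap_config.toml may hold secrets; confirm its file
      # permissions on the host.
      - "./lldap_config.toml:/data/lldap_config.toml"
    environment:
      TZ: Europe/Berlin
    networks:
      - traefik
      - postfix
      - internal
    # Traefik route, not enabled yet. Label values are quoted because Compose
    # expects strings there; a bare true can be rejected as an invalid type.
    # labels:
    #   traefik.enable: "true"
    #   traefik.http.routers.lldap.service: lldap
    #   traefik.http.routers.lldap.priority: "10"
    #   traefik.http.routers.lldap.rule: 'Host(`ldap.mgrote.net`)'
    #   traefik.http.routers.lldap.tls: "true"
    #   traefik.http.routers.lldap.tls.certresolver: resolver_letsencrypt
    #   traefik.http.routers.lldap.entrypoints: entry_https
    #   traefik.http.services.lldap.loadbalancer.server.port: "17170"
    # Healthcheck draft, disabled.
    # NOTE(review): `mc ready local` looks copied from a MinIO service and is
    # unlikely to exist in this image. lldap has a `healthcheck` subcommand;
    # check whether the image already ships a HEALTHCHECK before overriding.
    # healthcheck:
    #   # https://github.com/lldap/lldap/issues/18389
    #   test: ["CMD", "mc", "ready", "local"]
    #   interval: 5s
    #   timeout: 5s
    #   retries: 5

  ######## Postgres ########
  lldap-db17:
    container_name: "lldap-db"
    image: "postgres:17.0"
    restart: unless-stopped
    pull_policy: missing
    environment:
      POSTGRES_USER: lldap
      # Resolved from KeePass at template time; the quotes keep the Jinja
      # expression a YAML string.
      # NOTE(review): Compose interpolates `$` in values, so a password
      # containing `$` must be rendered as `$$`; a `"` in the password would
      # break the quoting. Confirm the password generator avoids both.
      POSTGRES_PASSWORD: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_db_pass', 'password') }}"
      TZ: Europe/Berlin
    volumes:
      - db17:/var/lib/postgresql/data
    # Only on the internal network and no published ports: the database is
    # reachable from lldap but not from the host's interfaces.
    networks:
      - internal
    healthcheck:
      test: ["CMD", "pg_isready", "-U", "lldap"]
      interval: 10s
      start_period: 30s

######## Networks ########
networks:
  traefik:
    external: true
  postfix:
    external: true
  internal: {}

######## Volumes ########
volumes:
  lldap_data: {}
  db17: {}

# TODO
# - healthcheck for lldap
# - rolle in friedho
# - munin url
# - checklist
# - delete pve/pbs backups
# - depends_on (lldap -> lldap-db17 is declared above)
# - munin + lldap with 2FA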